Cisco Confirms Exploitation of Unified CM Flaw
Cisco confirmed this week that malicious actors are actively exploiting a vulnerability within its Unified Communications Manager (Unified CM) software. This critical flaw was addressed by Cisco with a patch released in early June. The confirmation indicates that the vulnerability is no longer theoretical but is being actively leveraged in real-world attacks.
Details surrounding the specific nature of the exploitation and the extent of any potential compromise have not been fully disclosed by Cisco. However, the company's acknowledgement signifies a shift from a potential threat to an active security incident. Organizations utilizing Unified CM are strongly advised to ensure they have applied the June security update to mitigate the risk of exploitation.
The Unified CM platform is a widely used solution for managing voice and video communications within enterprises. Its exploitation could potentially lead to unauthorized access, disruption of services, or other malicious activities depending on the attacker's objectives. Cisco's proactive confirmation, while concerning, allows IT security teams to prioritize remediation efforts and enhance their monitoring for suspicious activity related to their Unified CM deployments.
Original source — read the full reporting at the publisher:
Read on BleepingComputer